Secure Development

“EC Wise will first help you formulate the right business questions and then define an approach to satisfying the appropriate business needs; others tend to arrive with a solution and then attempt to fit your problems to their solutions.”

— Andreas Weigend, Former Chief Scientist, Amazon.com

 

EC Wise has a strong track record working with companies that build market leading B2B and B2C services. With its Secure Agile Test Driven Development methodology EC Wise has successfully:

  • Delivered document production, management and storage systems for high volume outsourced bill and document presentment
  • Designed, architected and delivered flexible and highly functional web-based administrative and customer interaction services
  • Designed and implemented mobile and web portals tightly integrated with diagnostic and referral systems for self-service medical care
  • Enabled secure portals that make it easy to find and access statements; document images; business process dashboards; and exception alerts
  • Designed, developed and managed a social network integrated with on-property gaming systems in use at large casinos around the U.S.
  • Built highly integrated enterprise transaction systems

EC Wise’s design and architecture teams have the proven know-how for analyzing and designing sophisticated systems in a variety of domains. We know how to identify and implement solutions for common classes of requirements, feature sets and priorities. Working with your product managers, business analysts and systems analyst we help you define target features, and capture them in a form accessible to all project stakeholders through our collaboration portals.

 

The EC Wise approach focuses on identifying critical design and architectural requirements, including:

  • Usability – The user interface must be not only intuitive, but also attractive to its target audience.
  • Modularity – packaged as independent microservices, which can evolve independently.
  • Extensibility – New capabilities can be added to the software without major changes to the underlying architecture.
  • Fault-tolerance – Resistant to and able to recover from component failure.
  • Reliability – Able to perform without interruption outside of maintenance periods, regardless of changes in loads or other stressors.
  • Security – Able to withstand hostile acts and breach attempts.

From day one of an engagement our main goal is to determine what will make our Client’s operations more successful. Regardless of the industry, the initial questions are generally the same.

  • What business opportunities and revenues are you trying to capture?
  • What solution can we deliver that provides a high ROI in the short term?
  • How can we visually organize output to be intuitive and informative to your end users?

Our experienced Architecture team will translate the answers into an architectural approach validated by Architectural Spikes and Lo-Fidelity UI Design Spikes. This has the benefit of validating early assumptions and allowing clients refine their requirements based on a better idea of what the end product will look like.

We then plan a first iteration that will provide significant business value with results delivered within two weeks. Our development team (internationally distributed to maximize efficiency and cost-effectiveness) develops functional specifications, implements code, and automates acceptance tests.

To find out more about secure application development, visit EC:Secure – Application.

As a Microsoft Partner with Silver level Application Development certification, EC Wise has incorporated many aspects of Microsoft’s Secure Development Lifecycle. At all levels we think about how to validate before we write specifications or code. Continuous automation tools build and test changed code automatically, and scan all code on “check-in” to find obvious standards violations and security vulnerabilities, thereby reducing cost and increasing confidence.  Key components of our “Bottom Up/ Top Down” strategy include unit testing specific blocks of code against predefined business objectives, integration testing how various functions work to provided business services, and developing “requirements to design” traceability tools.